Steam patches flaw that exposed user profiles to drive-by attacks
… All you had to do to trigger the issue was visit a page with a malicious Steam Profile. The attack could redirect users to non-Steam pages designed to look like Steam and capture login and password info this is a combined phishing and malware attack strategy . …